Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: allow / deny root logins
Operating Systems AIX allow / deny root logins Post 302221482 by lo-lp-kl on Monday 4th of August 2008 02:04:29 PM
Old 08-04-2008
allow / deny root logins
Thanks for the comment E-EJ915

I will do to restart the ssh subsystem. but when I try to su - (switch to root) I got this.

$ su -
root's Password:
3004-311 This terminal can not be used at this time.

3004-501 Cannot su to "root" : Account is not accessible.

Im doing something wrong.

All I want to do. Its that root login canīt no be establish (telnet o ssh9. that you need to have a user first and then su to root and you got root. but I miss something. because I login with my user and when I try to su - to root I got
the message above.


Thanks for your tips
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

deny ssh from root - how to?

using redhat 7.2 Is it possible to not allow root to ssh into the server remotely, but allow the account that ssh'd in to the box to su to root? This way there is the added security of a hacker needing two passwords to hack your computer, a username/password for a regular account and also the... (3 Replies)
Discussion started by: theDirtiest
3 Replies

2. UNIX for Dummies Questions & Answers

Telnet deny

Hi all I'm using an AIX 5 machine. I'm trying to telnet from this machine to another Aix machine. When I use the "root" user - Everything works. I can telnet successfully the other machine When I use another user but root - I can't telnet the machine: noah@logist:/home/noah>telnet aixtst... (2 Replies)
Discussion started by: sunbird
2 Replies

3. UNIX for Dummies Questions & Answers

Run non-root script as root with non-root environment

All, I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies

4. UNIX for Dummies Questions & Answers

ftp allow/deny list

OK, let see, i have a Tru64 Unix and need to know how the list of ftp users works and in /etc/ftpusers we have the unauthorized users but when we create a new user i want this users put automatic for deny access ..... where i set when creation of users action put automatic the user in that file?... (1 Reply)
Discussion started by: wbendek
1 Replies

5. AIX

Deny root rlogin

Hi, I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
Discussion started by: funksen
4 Replies

6. Solaris

Deny root remote login help

I'm attempting to deny a user's ability to login as root through any remote means - ie telnet or ssh. I've read most of the threads that I can find on this site and I've looked at BigAdmin on Sun's site. I have done what has been suggested here and on BigAdmin which is to make sure that the line... (5 Replies)
Discussion started by: gonzotonka
5 Replies

7. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

8. AIX

Deny rsh,tn,or rlogin

Is there a way to deny access to a specific remote login option. example: usera--deny telnet access but keep rsh and rlogin userb--keeps telnet, rsh, and rlogin I'm basically trying to contol the access per services instead of changing the LOGIN REMOTELY(rsh,tn,rlogin) option to yes or no. (12 Replies)
Discussion started by: leemalloy
12 Replies

9. Red Hat

Limit root user of SSH logins

Hi team, I tried to modify the /etc/security/limits.conf file to limit the root user for more one login. I added the line in limits.conf file like: @root hard maxlogins 1 I also tried to modify /etc/ssh/sshd_config to limit the root userlogin by adding this: ... (10 Replies)
Discussion started by: leo_ultra_leo
10 Replies

10. UNIX for Dummies Questions & Answers

/etc/hosts.deny

Hi there, For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies

LEARN ABOUT MOJAVE

ssh-keysign

SSH-KEYSIGN(8)						    BSD System Manager's Manual 					    SSH-KEYSIGN(8)

NAME

     ssh-keysign -- ssh helper program for host-based authentication

SYNOPSIS

     ssh-keysign

DESCRIPTION

     ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication.

     ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
     EnableSSHKeysign to ``yes''.

     ssh-keysign is not intended to be invoked by the user, but from ssh(1).  See ssh(1) and sshd(8) for more information about host-based authen-
     tication.

FILES

     /etc/ssh/ssh_config
	     Controls whether ssh-keysign is enabled.

     /etc/ssh/ssh_host_dsa_key
     /etc/ssh/ssh_host_ecdsa_key
     /etc/ssh/ssh_host_ed25519_key
     /etc/ssh/ssh_host_rsa_key
	     These files contain the private parts of the host keys used to generate the digital signature.  They should be owned by root, read-
	     able only by root, and not accessible to others.  Since they are readable only by root, ssh-keysign must be set-uid root if host-
	     based authentication is used.

     /etc/ssh/ssh_host_dsa_key-cert.pub
     /etc/ssh/ssh_host_ecdsa_key-cert.pub
     /etc/ssh/ssh_host_ed25519_key-cert.pub
     /etc/ssh/ssh_host_rsa_key-cert.pub
	     If these files exist they are assumed to contain public certificate information corresponding with the private keys above.

SEE ALSO

     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)

HISTORY

     ssh-keysign first appeared in OpenBSD 3.2.

AUTHORS

     Markus Friedl <markus@openbsd.org>

BSD
								 February 17, 2016							       BSD
All times are GMT -4. The time now is 01:55 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy